Microsoft Windows Server 2016 vulnerabilities
4,181 known vulnerabilities affecting microsoft/windows_server_2016.
Total CVEs
4,181
CISA KEV
116
actively exploited
Public exploits
137
Exploited in wild
109
Severity breakdown
CRITICAL114HIGH2918MEDIUM1130LOW19
Vulnerabilities
Page 21 of 210
CVE-2025-53138MEDIUMCVSS 5.7fixed in 10.0.14393.8330≥ 10.0.14393.0, < 10.0.14393.83302025-08-12
CVE-2025-53138 [MEDIUM] CWE-908 CVE-2025-53138: Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authoriz
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.
cvelistv5nvd
CVE-2025-50156MEDIUMCVSS 5.7fixed in 10.0.14393.8330≥ 10.0.14393.0, < 10.0.14393.83302025-08-12
CVE-2025-50156 [MEDIUM] CWE-908 CVE-2025-50156: Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authoriz
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.
cvelistv5nvd
CVE-2025-47981CRITICALCVSS 9.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-47981 [CRITICAL] CWE-122 CVE-2025-47981: Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to
Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-49691HIGHCVSS 8.0fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49691 [HIGH] CWE-122 CVE-2025-49691: Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.
cvelistv5nvd
CVE-2025-49689HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49689 [HIGH] CWE-125 CVE-2025-49689: Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevat
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-49730HIGHCVSS 7.8PoCfixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49730 [HIGH] CWE-122 CVE-2025-49730: Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an autho
Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-47976HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-47976 [HIGH] CWE-416 CVE-2025-47976: Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-48814HIGHCVSS 7.5fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-48814 [HIGH] CWE-306 CVE-2025-48814: Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an u
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.
cvelistv5nvd
CVE-2025-49688HIGHCVSS 8.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49688 [HIGH] CWE-415 CVE-2025-49688: Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to e
Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-49660HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49660 [HIGH] CWE-416 CVE-2025-49660: Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-49666HIGHCVSS 7.2fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49666 [HIGH] CWE-122 CVE-2025-49666: Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a ne
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-47973HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-47973 [HIGH] CWE-126 CVE-2025-47973: Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges l
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-48822HIGHCVSS 8.6fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-48822 [HIGH] CWE-125 CVE-2025-48822: Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
cvelistv5nvd
CVE-2025-49673HIGHCVSS 8.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49673 [HIGH] CWE-122 CVE-2025-49673: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-49683HIGHCVSS 7.8PoCfixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49683 [HIGH] CWE-122 CVE-2025-49683: Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execut
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.
cvelistv5nvd
CVE-2025-49669HIGHCVSS 8.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49669 [HIGH] CWE-122 CVE-2025-49669: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-49675HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49675 [HIGH] CWE-416 CVE-2025-49675: Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate
Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-49665HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49665 [HIGH] CWE-362 CVE-2025-49665: Concurrent execution using shared resource with improper synchronization ('race condition') in Works
Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-49721HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49721 [HIGH] CWE-122 CVE-2025-49721: Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate pri
Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-48000HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-48000 [HIGH] CWE-362 CVE-2025-48000: Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevat
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
cvelistv5nvd